On Tue, Sep 01, 2015 at 10:42:00AM -0400, Simo Sorce wrote:
On Tue, 2015-09-01 at 11:26 +0200, Miroslav Lichvar wrote:
Just FYI, the reason we chose ntpd and stuck top it is that we
eventually want to support MS-SNTP signing (for compatibility with
windows clients/samba). We haven't done that yet because when we did
work on the component it was still an external patch (IIRC) even for
ntpd, but signing time is something we'd really want to do.
If you need the MS-SNTP support, I can work on that. From what I saw
it shouldn't be very difficult to implement.
Note that having an implementation of Network Time Security to which
we
can feed certificates (for the server) would also be a very good thing,
sadly none of the clients/servers support it yet apparently.
The NTS specification is still a work in progress.
--
Miroslav Lichvar